Threat Predictions for 2016 from Security Experts

Security companies and various tech publications have posted their predictions of the security threats that will likely plagued 2016. Below are the three most common predictions made by experts in their respective lists.
This blog post from SecureWorldExpo.com nicely summarizes all the security prediction lists and highlights each lists’ more notable points.

Expansion on both attacks and security awareness for the Internet of Things (IoT). With the explosion of smart and highly connected devices last year, 2015 is being hailed as the year of IoT. With popularity come risks, of course. As users learn to navigate to world that is becoming less and less private, security awareness for the connected devices they own will also come to fore. This, however, will not stop malicious attackers from targeting these powerful devices that contain so much mine-able data. [Wired, Symantec, WebSense, FireEye, Trend Micro, Kaspersky, Sophos, IBM, CIO, Forrester]

Digital extortion attacks and ransomware will up their games, becoming more ‘personal’, with more sophisticated evasion tactics. Attackers are starting to realize that protecting reputations is actually more important to users that getting access to data that can be held for ransom. This means that the threat that can be held over a victim’s head will be the release of the sensitive information like what happened in the Ashley Madison attack. As these malicious programs up the ante of their ransom game, they will also upgrade their evasion tactics to go under the radar of security products. [Wired, Symantec, TM, Kaspersky, NetworkWorld]

Data breaches will continue and companies will start to look to cyber insurance, asset enumeration, and being extra careful in allowing 3rd-party access. One breach after another was reported whole year round in 2015, with corporate giants failing to protect customer and company information from being exposed and/or exploited. This continuing onslaught of persistent attackers, who are always on the lookout for the slightest cracks in a company’s digital walls, will result in stricter mitigation techniques to minimize risks; actions that involve insurance, background checks, and asset listing. [Wired, Symantec, Websense, Networkworld]